package com.icesoft.xsnow.oauth.endpoint;

import com.icesoft.xsnow.common.core.constant.SecurityConstants;
import lombok.extern.slf4j.Slf4j;
import org.springframework.security.web.DefaultRedirectStrategy;
import org.springframework.security.web.RedirectStrategy;
import org.springframework.security.web.savedrequest.HttpSessionRequestCache;
import org.springframework.security.web.savedrequest.RequestCache;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.SessionAttributes;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;

/**
 * @program: xsnow
 * @description: 自定义登陆授权端点
 * @author: xuefeng.gao
 * @create: 2019-07-05 14:41
 **/
@Slf4j
@Controller
@SessionAttributes({"authorizationRequest"})
public class XsnowLoginEndpoint{
    private RequestCache requestCache = new HttpSessionRequestCache();
    private RedirectStrategy redirectStrategy = new DefaultRedirectStrategy();

    @RequestMapping(SecurityConstants.LOGIN_PAGE)
    public String login(HttpServletRequest request, HttpServletResponse response,Model model) throws IOException {
/*        // 从session缓存中获取引发跳转的请求
        SavedRequest savedRequest = requestCache.getRequest(request, response);
        if (null != savedRequest) {
            String targetUrl = savedRequest.getRedirectUrl();
            log.info("引发跳转的请求是:" + targetUrl);
            if (StrUtil.endWith(targetUrl, ".html")||StrUtil.containsAny(targetUrl,"response_type=code")) {
                // 如果是HTML请求，那么就直接跳转到HTML，不再执行后面的代码
                redirectStrategy.sendRedirect(request, response, SecurityConstants.LOGIN_HTML);
            }
        }
        // 如果访问的是接口资源
        return R.failure(HttpStatus.HTTP_UNAUTHORIZED,"401","访问的服务需要身份认证，请引导用户到登录页面");*/
        model.addAttribute("loginProcessUrl",SecurityConstants.LOGIN_PROCESS_URL);
        if(request.getParameterMap().containsKey("error")){
            return "redirect:"+ SecurityConstants.LOGIN_HTML+"?error=invalid";
        }
         return "redirect:"+ SecurityConstants.LOGIN_HTML;
    }

    /**
     * 自定义授权页面，注意：一定要在类上加@SessionAttributes({"authorizationRequest"})
     *
     * @param model   model
     * @param request request
     * @return String
     * @throws Exception Exception
     */
    @RequestMapping("/custom/confirm_access")
    public String getAccessConfirmation(Map<String, Object> model, HttpServletRequest request) throws Exception {
        Map<String, String> scopes = (Map<String, String>) (model.containsKey("scopes") ?
                model.get("scopes") : request.getAttribute("scopes"));
        List<String> scopeList = new ArrayList<String>();
        for (String scope : scopes.keySet()) {
            scopeList.add(scope);
        }
        model.put("scopeList", scopeList);
        return "authentication-grant";
    }
    /*
    public ModelAndView getAccessConfirmation(Map<String, Object> model, HttpServletRequest request) throws Exception {
        AuthorizationRequest authorizationRequest = (AuthorizationRequest) model.get("authorizationRequest");
        ModelAndView view = new ModelAndView();
        view.setViewName("authentication-grant");
        view.addObject("clientId", authorizationRequest.getClientId());
        return view;
    }
    */


}
